|
|
[讨论]能不能帮我分析分析
顶顶顶顶.还的自几去搞,还的半年 |
|
|
[讨论]能不能帮我分析分析
不会才问.themida加的壳我脱了,给我分析一下,不会别顶 |
|
|
[求助]themida壳脱下来了,给我看看如和破它
okdodo的脚本是什么,需要帮吗 |
|
|
[讨论]请看一下如和破
skylly给改一下 |
|
|
[原创][网络验证破解]某外挂验证转本地化
0041B374 . 53 push ebx 0041B375 . 56 push esi 0041B376 . A1 00145500 mov eax, dword ptr [551400] 0041B37B . 85C0 test eax, eax 0041B37D . 0F84 BC000000 je 0041B43F 0041B383 . 83B8 1C010200>cmp dword ptr [eax+2011C], 0 0041B38A . 0F84 AF000000 je 0041B43F 0041B390 . 33F6 xor esi, esi 0041B392 > 6A 00 push 0 ; /Arg5 = 00000000 0041B394 . A1 00145500 mov eax, dword ptr [551400] ; | 0041B399 . 6A 00 push 0 ; |Arg4 = 00000000 0041B39B . 68 AF220000 push 22AF ; |Arg3 = 000022AF 0041B3A0 . 68 6F4A5500 push 00554A6F ; |57.218.178.114 0041B3A5 . 8B90 1C010200 mov edx, dword ptr [eax+2011C] ; | 0041B3AB . 52 push edx ; |Arg1 0041B3AC . E8 3B5C0200 call 00440FEC ; \cck.00440FEC 0041B3B1 . 83C4 14 add esp, 14 0041B3B4 . 8BD8 mov ebx, eax 0041B3B6 . 84DB test bl, bl 0041B3B8 . 74 53 je short 0041B40D 0041B3BA . 6A 00 push 0 ; /Arg2 = 00000000 0041B3BC . A1 00145500 mov eax, dword ptr [551400] ; | 0041B3C1 . 8B90 1C010200 mov edx, dword ptr [eax+2011C] ; | 0041B3C7 . 52 push edx ; |Arg1 0041B3C8 . E8 AB5C0200 call 00441078 ; \cck.00441078 0041B3CD . 83C4 08 add esp, 8 0041B3D0 . 8B0D 00145500 mov ecx, dword ptr [551400] 0041B3D6 . 8B81 1C010200 mov eax, dword ptr [ecx+2011C] 0041B3DC . 50 push eax ; /Arg1 0041B3DD . E8 A65C0200 call 00441088 ; \cck.00441088 0041B3E2 . 59 pop ecx 0041B3E3 . 84C0 test al, al 0041B3E5 . 75 50 jnz short 0041B437 0041B3E7 . A1 00145500 mov eax, dword ptr [551400] 0041B3EC . 8B90 1C010200 mov edx, dword ptr [eax+2011C] 0041B3F2 . 81C2 9C000000 add edx, 9C 0041B3F8 . 52 push edx ; /Arg5 0041B3F9 . 68 7E4A5500 push 00554A7E ; |验证服务器-- %s... 0041B3FE . 6A 03 push 3 ; |Arg3 = 00000003 0041B400 . 6A 00 push 0 ; |Arg2 = 00000000 0041B402 . 50 push eax ; |Arg1 => 00000000 0041B403 . E8 800B0000 call 0041BF88 ; \cck.0041BF88 0041B408 . 83C4 14 add esp, 14 0041B40B . EB 2A jmp short 0041B437 0041B40D > 46 inc esi 0041B40E . 6A 64 push 64 ; /Timeout = 100. ms 0041B410 . E8 174A1200 call <jmp.&kernel32.Sleep> ; \Sleep 0041B415 . 81FE 10270000 cmp esi, 2710 0041B41B . 7E 1A jle short 0041B437 0041B41D . 6A 03 push 3 ; /Arg2 = 00000003 0041B41F . 8B0D 00145500 mov ecx, dword ptr [551400] ; | 0041B425 . 8B81 1C010200 mov eax, dword ptr [ecx+2011C] ; | 0041B42B . 50 push eax ; |Arg1 0041B42C . E8 475C0200 call 00441078 ; \cck.00441078 0041B431 . 83C4 08 add esp, 8 0041B434 . 5E pop esi 0041B435 . 5B pop ebx 0041B436 . C3 retn 0041B437 > 84DB test bl, bl 0041B439 .^ 0F84 53FFFFFF je 0041B392 0041B43F > 5E pop esi 0041B440 . 5B pop ebx 0041B441 . C3 retn 0041B442 90 nop |
|
|
[原创][网络验证破解]某外挂验证转本地化
0042089C /$ 55 push ebp 0042089D |. 8BEC mov ebp, esp 0042089F |. 83C4 D4 add esp, -2C 004208A2 |. B8 205B5500 mov eax, 00555B20 004208A7 |. 53 push ebx 004208A8 |. 56 push esi 004208A9 |. 8B5D 08 mov ebx, dword ptr [ebp+8] 004208AC |. E8 5BC90F00 call 0051D20C 004208B1 |. C683 41010200>mov byte ptr [ebx+20141], 1 004208B8 |. 83BB 1C010200>cmp dword ptr [ebx+2011C], 0 004208BF |. 74 11 je short 004208D2 004208C1 |. B0 01 mov al, 1 004208C3 |. 8B55 D8 mov edx, dword ptr [ebp-28] 004208C6 |. 64:8915 00000>mov dword ptr fs:[0], edx 004208CD |. E9 26010000 jmp 004209F8 004208D2 |> 68 E4010000 push 1E4 ; /Arg1 = 000001E4 004208D7 |. E8 30B60F00 call 0051BF0C ; \cck.0051BF0C 004208DC |. 59 pop ecx 004208DD |. 8945 FC mov dword ptr [ebp-4], eax 004208E0 |. 85C0 test eax, eax 004208E2 |. 74 1B je short 004208FF 004208E4 |. 66:C745 E8 14>mov word ptr [ebp-18], 14 004208EA |. 8B55 FC mov edx, dword ptr [ebp-4] 004208ED |. 52 push edx ; /Arg1 004208EE |. E8 45030200 call 00440C38 ; \cck.00440C38 004208F3 |. 59 pop ecx 004208F4 |. 66:C745 E8 08>mov word ptr [ebp-18], 8 004208FA |. 8B75 FC mov esi, dword ptr [ebp-4] 004208FD |. EB 03 jmp short 00420902 004208FF |> 8B75 FC mov esi, dword ptr [ebp-4] 00420902 |> 33C0 xor eax, eax 00420904 |. 89B3 1C010200 mov dword ptr [ebx+2011C], esi 0042090A |. 8946 04 mov dword ptr [esi+4], eax 0042090D |. 33D2 xor edx, edx 0042090F |. 8956 44 mov dword ptr [esi+44], edx 00420912 |. 33C9 xor ecx, ecx 00420914 |. C746 48 03000>mov dword ptr [esi+48], 3 0042091B |. 898B 20010200 mov dword ptr [ebx+20120], ecx 00420921 |. 33C0 xor eax, eax 00420923 |. 8983 28010200 mov dword ptr [ebx+20128], eax 00420929 |. 8B83 38010200 mov eax, dword ptr [ebx+20138] 0042092F |. 85C0 test eax, eax 00420931 |. 74 1D je short 00420950 00420933 |. 8B93 3C010200 mov edx, dword ptr [ebx+2013C] 00420939 |. 52 push edx ; /ExitCode 0042093A |. 50 push eax ; |hThread 0042093B |. E8 F2F41100 call <jmp.&kernel32.TerminateThread> ; \TerminateThread 00420940 |. 33C9 xor ecx, ecx 00420942 |. 33C0 xor eax, eax 00420944 |. 898B 3C010200 mov dword ptr [ebx+2013C], ecx 0042094A |. 8983 38010200 mov dword ptr [ebx+20138], eax 00420950 |> 8D55 D4 lea edx, dword ptr [ebp-2C] 00420953 |. 52 push edx ; /pThreadId 00420954 |. 6A 00 push 0 ; |CreationFlags = 0 00420956 |. 6A 00 push 0 ; |pThreadParm = NULL 00420958 |. 68 74B34100 push 0041B374 ; |ThreadFunction = cck.0041B374 0042095D |. 6A 00 push 0 ; |StackSize = 0 0042095F |. 6A 00 push 0 ; |pSecurity = NULL 00420961 |. E8 68F21100 call <jmp.&kernel32.CreateThread> ; \CreateThread 00420966 |. 8BF0 mov esi, eax 00420968 |. 89B3 38010200 mov dword ptr [ebx+20138], esi 0042096E |. 85F6 test esi, esi 00420970 |. 75 25 jnz short 00420997 00420972 |. 68 314F5500 push 00554F31 ; /认证连接线程创建失败!请尝试重启程序。 如果多次发生该情况,请检查系统或联系客服 00420977 |. 6A 03 push 3 ; |Arg3 = 00000003 00420979 |. 6A 00 push 0 ; |Arg2 = 00000000 0042097B |. A1 00145500 mov eax, dword ptr [551400] ; | 00420980 |. 50 push eax ; |Arg1 => 00000000 00420981 |. E8 02B6FFFF call 0041BF88 ; \cck.0041BF88 00420986 |. 83C4 10 add esp, 10 00420989 |. 33C0 xor eax, eax 0042098B |. 8B55 D8 mov edx, dword ptr [ebp-28] 0042098E |. 64:8915 00000>mov dword ptr fs:[0], edx 00420995 |. EB 61 jmp short 004209F8 00420997 |> 8D8B 3C010200 lea ecx, dword ptr [ebx+2013C] 0042099D |. 51 push ecx ; /pExitCode 0042099E |. 8B83 38010200 mov eax, dword ptr [ebx+20138] ; | 004209A4 |. 50 push eax ; |hThread 004209A5 |. E8 CCF21100 call <jmp.&kernel32.GetExitCodeThread>; \GetExitCodeThread 004209AA |. 85C0 test eax, eax 004209AC |. 75 26 jnz short 004209D4 004209AE |. 68 814F5500 push 00554F81 ; /认证连接线程exitcode获取失败!请尝试重启程序。 如果多次发生该情况,请检查系统或联系客服 004209B3 |. 6A 03 push 3 ; |Arg3 = 00000003 004209B5 |. 6A 00 push 0 ; |Arg2 = 00000000 004209B7 |. 8B15 00145500 mov edx, dword ptr [551400] ; | 004209BD |. 52 push edx ; |Arg1 => 00000000 004209BE |. E8 C5B5FFFF call 0041BF88 ; \cck.0041BF88 004209C3 |. 83C4 10 add esp, 10 004209C6 |. 33C0 xor eax, eax 004209C8 |. 8B55 D8 mov edx, dword ptr [ebp-28] 004209CB |. 64:8915 00000>mov dword ptr fs:[0], edx 004209D2 |. EB 24 jmp short 004209F8 004209D4 |> 68 D94F5500 push 00554FD9 ; /认证启动 004209D9 |. 6A 03 push 3 ; |Arg3 = 00000003 004209DB |. 6A 00 push 0 ; |Arg2 = 00000000 004209DD |. 8B0D 00145500 mov ecx, dword ptr [551400] ; | 004209E3 |. 51 push ecx ; |Arg1 => 00000000 004209E4 |. E8 9FB5FFFF call 0041BF88 ; \cck.0041BF88 004209E9 |. 83C4 10 add esp, 10 004209EC |. B0 01 mov al, 1 004209EE |. 8B55 D8 mov edx, dword ptr [ebp-28] 004209F1 |. 64:8915 00000>mov dword ptr fs:[0], edx 004209F8 |> 5E pop esi 004209F9 |. 5B pop ebx 004209FA |. 8BE5 mov esp, ebp 004209FC |. 5D pop ebp 004209FD \. C3 retn 004209FE 90 nop 004209FF 90 nop 00420A00 /$ 55 push ebp 00420A01 |. 8BEC mov ebp, esp 00420A03 |. 81C4 04F0FFFF add esp, -0FFC 00420A09 |. 50 push eax 00420A0A |. 83C4 F0 add esp, -10 00420A0D |. 803D 3C4A5500>cmp byte ptr [554A3C], 0 00420A14 |. 53 push ebx 00420A15 |. 56 push esi 00420A16 |. 57 push edi 00420A17 |. 8B5D 08 mov ebx, dword ptr [ebp+8] 00420A1A |. 75 1B jnz short 00420A37 00420A1C |. 80BB 48010200>cmp byte ptr [ebx+20148], 0 00420A23 |. 74 12 je short 00420A37 00420A25 |. 53 push ebx ; /Arg1 00420A26 |. E8 71FEFFFF call 0042089C ; \cck.0042089C 00420A2B |. 59 pop ecx 00420A2C |. 84C0 test al, al 00420A2E |. 74 07 je short 00420A37 00420A30 |. C605 3C4A5500>mov byte ptr [554A3C], 1 00420A37 |> E8 C4F21100 call <jmp.&kernel32.GetTickCount> ; [GetTickCount 00420A3C |. 8945 FC mov dword ptr [ebp-4], eax 00420A3F |. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420A45 |. 85C0 test eax, eax 00420A47 |. 0F84 D3010000 je 00420C20 00420A4D |. 8378 08 00 cmp dword ptr [eax+8], 0 00420A51 |. 0F84 C9010000 je 00420C20 00420A57 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C] 00420A5D |. 85C0 test eax, eax 00420A5F |. 0F84 BB010000 je 00420C20 00420A65 |. 50 push eax 00420A66 |. E8 85070200 call 004411F0 00420A6B |. 59 pop ecx 00420A6C |. 8B93 1C010200 mov edx, dword ptr [ebx+2011C] 00420A72 |. 52 push edx ; /Arg1 00420A73 |. E8 18040200 call 00440E90 ; \cck.00440E90 00420A78 |. 59 pop ecx 00420A79 |. 83F8 02 cmp eax, 2 00420A7C |. 0F85 5D010000 jnz 00420BDF 00420A82 |. 8B4D FC mov ecx, dword ptr [ebp-4] 00420A85 |. 2B8B 20010200 sub ecx, dword ptr [ebx+20120] 00420A8B |. 3B8B 24010200 cmp ecx, dword ptr [ebx+20124] 00420A91 |. 0F86 07010000 jbe 00420B9E 00420A97 |. 8B45 FC mov eax, dword ptr [ebp-4] 00420A9A |. 8983 20010200 mov dword ptr [ebx+20120], eax 00420AA0 |. E8 5BF21100 call <jmp.&kernel32.GetTickCount> ; [GetTickCount 00420AA5 |. B9 E0930400 mov ecx, 493E0 00420AAA |. 33D2 xor edx, edx 00420AAC |. F7F1 div ecx 00420AAE |. 8993 24010200 mov dword ptr [ebx+20124], edx 00420AB4 |. 83BB 14010200>cmp dword ptr [ebx+20114], 0 00420ABB |. 74 0B je short 00420AC8 00420ABD |. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420AC3 |. 8B70 08 mov esi, dword ptr [eax+8] 00420AC6 |. EB 02 jmp short 00420ACA 00420AC8 |> 33F6 xor esi, esi 00420ACA |> 8BFE mov edi, esi 00420ACC |. 68 00100000 push 1000 ; /Arg3 = 00001000 00420AD1 |. C1E7 04 shl edi, 4 ; | 00420AD4 |. 8D85 F0EFFFFF lea eax, dword ptr [ebp-1010] ; | 00420ADA |. 6A 00 push 0 ; |Arg2 = 00000000 00420ADC |. 50 push eax ; |Arg1 00420ADD |. 81C7 94000000 add edi, 94 ; | 00420AE3 |. E8 44C20F00 call 0051CD2C ; \cck.0051CD2C 00420AE8 |. 83C4 0C add esp, 0C 00420AEB |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420AF1 |. 8955 F8 mov dword ptr [ebp-8], edx 00420AF4 |. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420AF7 |. 66:8939 mov word ptr [ecx], di 00420AFA |. 8B45 F8 mov eax, dword ptr [ebp-8] 00420AFD |. 8B93 34010200 mov edx, dword ptr [ebx+20134] 00420B03 |. 8950 48 mov dword ptr [eax+48], edx 00420B06 |. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420B09 |. 8971 44 mov dword ptr [ecx+44], esi 00420B0C |. 8B45 F8 mov eax, dword ptr [ebp-8] 00420B0F |. 8B93 30010200 mov edx, dword ptr [ebx+20130] 00420B15 |. 8950 4C mov dword ptr [eax+4C], edx 00420B18 |. 8B4D F8 mov ecx, dword ptr [ebp-8] 00420B1B |. 66:C741 02 00>mov word ptr [ecx+2], 0 00420B21 |. C745 F4 94000>mov dword ptr [ebp-C], 94 00420B28 |. 8B83 14010200 mov eax, dword ptr [ebx+20114] 00420B2E |. 8B08 mov ecx, dword ptr [eax] 00420B30 |. 85C9 test ecx, ecx 00420B32 |. 74 32 je short 00420B66 00420B34 |> 8B41 10 /mov eax, dword ptr [ecx+10] 00420B37 |. 8D95 F0EFFFFF |lea edx, dword ptr [ebp-1010] 00420B3D |. 0355 F4 |add edx, dword ptr [ebp-C] 00420B40 |. 8B75 F4 |mov esi, dword ptr [ebp-C] 00420B43 |. 83C6 10 |add esi, 10 00420B46 |. 8975 F4 |mov dword ptr [ebp-C], esi 00420B49 |. 8B30 |mov esi, dword ptr [eax] 00420B4B |. 8932 |mov dword ptr [edx], esi 00420B4D |. 8B70 04 |mov esi, dword ptr [eax+4] 00420B50 |. 8972 04 |mov dword ptr [edx+4], esi 00420B53 |. 8B70 08 |mov esi, dword ptr [eax+8] 00420B56 |. 8972 08 |mov dword ptr [edx+8], esi 00420B59 |. 8B40 10 |mov eax, dword ptr [eax+10] 00420B5C |. 8942 0C |mov dword ptr [edx+C], eax 00420B5F |. 8B49 04 |mov ecx, dword ptr [ecx+4] 00420B62 |. 85C9 |test ecx, ecx 00420B64 |.^ 75 CE \jnz short 00420B34 00420B66 |> 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420B6C |. 52 push edx ; /Arg2 00420B6D |. 53 push ebx ; |Arg1 00420B6E |. E8 09010000 call 00420C7C ; \cck.00420C7C 00420B73 |. 83C4 08 add esp, 8 00420B76 |. 8D95 F0EFFFFF lea edx, dword ptr [ebp-1010] 00420B7C |. 6A FF push -1 ; /Arg5 = FFFFFFFF 00420B7E |. 6A 01 push 1 ; |Arg4 = 00000001 00420B80 |. 8B4D F8 mov ecx, dword ptr [ebp-8] ; | 00420B83 |. 0FB701 movzx eax, word ptr [ecx] ; | 00420B86 |. 50 push eax ; |Arg3 00420B87 |. 52 push edx ; |Arg2 00420B88 |. 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C] ; | 00420B8E |. 51 push ecx ; |Arg1 00420B8F |. E8 080D0200 call 0044189C ; \cck.0044189C 00420B94 |. 83C4 14 add esp, 14 00420B97 |. C683 41010200>mov byte ptr [ebx+20141], 0 00420B9E |> 8B45 FC mov eax, dword ptr [ebp-4] 00420BA1 |. 2B83 28010200 sub eax, dword ptr [ebx+20128] 00420BA7 |. 3D 204E0000 cmp eax, 4E20 00420BAC |. 76 31 jbe short 00420BDF 00420BAE |. 66:C745 F0 04>mov word ptr [ebp-10], 4 00420BB4 |. 66:C745 F2 01>mov word ptr [ebp-E], 1 00420BBA |. 6A FF push -1 ; /Arg5 = FFFFFFFF 00420BBC |. 6A 01 push 1 ; |Arg4 = 00000001 00420BBE |. 0FB755 F0 movzx edx, word ptr [ebp-10] ; | 00420BC2 |. 52 push edx ; |Arg3 00420BC3 |. 8D4D F0 lea ecx, dword ptr [ebp-10] ; | 00420BC6 |. 51 push ecx ; |Arg2 00420BC7 |. 8B83 1C010200 mov eax, dword ptr [ebx+2011C] ; | 00420BCD |. 50 push eax ; |Arg1 00420BCE |. E8 C90C0200 call 0044189C ; \cck.0044189C 00420BD3 |. 83C4 14 add esp, 14 00420BD6 |. 8B55 FC mov edx, dword ptr [ebp-4] 00420BD9 |. 8993 28010200 mov dword ptr [ebx+20128], edx 00420BDF |> 8B8B 1C010200 mov ecx, dword ptr [ebx+2011C] 00420BE5 |. 51 push ecx ; /Arg1 00420BE6 |. E8 A5020200 call 00440E90 ; \cck.00440E90 00420BEB |. 59 pop ecx 00420BEC |. 83F8 04 cmp eax, 4 00420BEF |. 75 2F jnz short 00420C20 00420BF1 |. 803D 3D4A5500>cmp byte ptr [554A3D], 0 00420BF8 |. 75 26 jnz short 00420C20 00420BFA |. 68 E24F5500 push 00554FE2 ; /验证服务器断开链接..... 00420BFF |. 6A 03 push 3 ; |Arg3 = 00000003 00420C01 |. 6A 00 push 0 ; |Arg2 = 00000000 00420C03 |. A1 00145500 mov eax, dword ptr [551400] ; | 00420C08 |. 50 push eax ; |Arg1 => 00000000 00420C09 |. E8 7AB3FFFF call 0041BF88 ; \cck.0041BF88 00420C0E |. 83C4 10 add esp, 10 00420C11 |. 33D2 xor edx, edx 00420C13 |. 8993 44010200 mov dword ptr [ebx+20144], edx 00420C19 |. C605 3D4A5500>mov byte ptr [554A3D], 1 00420C20 |> 5F pop edi 00420C21 |. 5E pop esi 00420C22 |. 5B pop ebx 00420C23 |. 8BE5 mov esp, ebp 00420C25 |. 5D pop ebp 00420C26 \. C3 retn 00420C27 90 nop 00420C28 /$ 55 push ebp 00420C29 |. 8BEC mov ebp, esp 00420C2B |. 81C4 04F0FFFF add esp, -0FFC 00420C31 |. 50 push eax 00420C32 |. 53 push ebx 00420C33 |. 8B45 0C mov eax, dword ptr [ebp+C] 00420C36 |. 8B5D 08 mov ebx, dword ptr [ebp+8] 00420C39 |. 8BD0 mov edx, eax 00420C3B |. 66:837A 02 01 cmp word ptr [edx+2], 1 00420C40 |. 74 33 je short 00420C75 00420C42 |. 8B4D 10 mov ecx, dword ptr [ebp+10] 00420C45 |. 51 push ecx ; /Arg3 00420C46 |. 50 push eax ; |Arg2 00420C47 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000] ; | 00420C4D |. 50 push eax ; |Arg1 00420C4E |. E8 69C00F00 call 0051CCBC ; \cck.0051CCBC 00420C53 |. 83C4 0C add esp, 0C 00420C56 |. 8D85 00F0FFFF lea eax, dword ptr [ebp-1000] 00420C5C |. 50 push eax 00420C5D |. 53 push ebx 00420C5E |. E8 E1010000 call 00420E44 00420C63 |. 83C4 08 add esp, 8 00420C66 |. 8B15 784C5900 mov edx, dword ptr [594C78] ; cck._Form_Main 00420C6C |. 8B0A mov ecx, dword ptr [edx] 00420C6E |. 51 push ecx 00420C6F |. E8 0082FEFF call 00408E74 00420C74 |. 59 pop ecx 00420C75 |> 5B pop ebx 00420C76 |. 8BE5 mov esp, ebp 00420C78 |. 5D pop ebp 00420C79 \. C3 retn 00420C7A 90 nop 00420C7B 90 nop 00420C7C /$ 55 push ebp 00420C7D |. 8BEC mov ebp, esp 00420C7F |. 83C4 F0 add esp, -10 00420C82 |. 53 push ebx 00420C83 |. 56 push esi 00420C84 |. 57 push edi 00420C85 |. 8B45 0C mov eax, dword ptr [ebp+C] 00420C88 |. 8945 FC mov dword ptr [ebp-4], eax 00420C8B |> E8 8C78FFFF /call 0041851C 00420C90 |. 8BD8 |mov ebx, eax 00420C92 |. 8B45 FC |mov eax, dword ptr [ebp-4] 00420C95 |. 8958 50 |mov dword ptr [eax+50], ebx 00420C98 |. 81FB 00000010 |cmp ebx, 10000000 00420C9E |.^ 76 EB \jbe short 00420C8B 00420CA0 |. 8B55 FC mov edx, dword ptr [ebp-4] 00420CA3 |. 8B4A 44 mov ecx, dword ptr [edx+44] 00420CA6 |. 894D F8 mov dword ptr [ebp-8], ecx 00420CA9 |. B9 BC030000 mov ecx, 3BC 00420CAE |. 8B45 FC mov eax, dword ptr [ebp-4] 00420CB1 |. 8170 50 EF12B>xor dword ptr [eax+50], 93B712EF 00420CB8 |. 8B55 FC mov edx, dword ptr [ebp-4] 00420CBB |. 8B42 4C mov eax, dword ptr [edx+4C] 00420CBE |. 33D2 xor edx, edx 00420CC0 |. F7F1 div ecx 00420CC2 |. 8B45 FC mov eax, dword ptr [ebp-4] 00420CC5 |. 8B4D FC mov ecx, dword ptr [ebp-4] 00420CC8 |. 8BFA mov edi, edx 00420CCA |. 8B50 50 mov edx, dword ptr [eax+50] 00420CCD |. 3151 4C xor dword ptr [ecx+4C], edx 00420CD0 |. 8B55 FC mov edx, dword ptr [ebp-4] 00420CD3 |. 8B04BD 3C3A55>mov eax, dword ptr [edi*4+553A3C] 00420CDA |. 3142 44 xor dword ptr [edx+44], eax 00420CDD |. 8B45 FC mov eax, dword ptr [ebp-4] 00420CE0 |. 8B0CBD 4C3A55>mov ecx, dword ptr [edi*4+553A4C] 00420CE7 |. 3148 48 xor dword ptr [eax+48], ecx 00420CEA |. 33DB xor ebx, ebx 00420CEC |. 8B45 FC mov eax, dword ptr [ebp-4] 00420CEF |. 8D50 04 lea edx, dword ptr [eax+4] 00420CF2 |. 8955 F4 mov dword ptr [ebp-C], edx 00420CF5 |> 8B4D F4 /mov ecx, dword ptr [ebp-C] 00420CF8 |. 8BF1 |mov esi, ecx 00420CFA |. E8 1D78FFFF |call 0041851C 00420CFF |. 8906 |mov dword ptr [esi], eax 00420D01 |. 8D043B |lea eax, dword ptr [ebx+edi] 00420D04 |. 8B1485 1C3A55>|mov edx, dword ptr [eax*4+553A1C] 00420D0B |. 3B16 |cmp edx, dword ptr [esi] 00420D0D |.^ 72 E6 |jb short 00420CF5 00420D0F |. 43 |inc ebx 00420D10 |. 8345 F4 04 |add dword ptr [ebp-C], 4 00420D14 |. 83FB 10 |cmp ebx, 10 00420D17 |.^ 7C DC \jl short 00420CF5 00420D19 |. 33DB xor ebx, ebx 00420D1B |. 8B45 FC mov eax, dword ptr [ebp-4] 00420D1E |. 8D50 54 lea edx, dword ptr [eax+54] 00420D21 |. 8955 F0 mov dword ptr [ebp-10], edx 00420D24 |> 8B4D F0 /mov ecx, dword ptr [ebp-10] 00420D27 |. 8BF1 |mov esi, ecx 00420D29 |. E8 EE77FFFF |call 0041851C 00420D2E |. 8D143B |lea edx, dword ptr [ebx+edi] 00420D31 |. 8906 |mov dword ptr [esi], eax 00420D33 |. 8B06 |mov eax, dword ptr [esi] 00420D35 |. 3B0495 5C3A55>|cmp eax, dword ptr [edx*4+553A5C] 00420D3C |.^ 72 E6 |jb short 00420D24 00420D3E |. 43 |inc ebx 00420D3F |. 8345 F0 04 |add dword ptr [ebp-10], 4 00420D43 |. 83FB 10 |cmp ebx, 10 00420D46 |.^ 7C DC \jl short 00420D24 00420D48 |. 8B45 FC mov eax, dword ptr [ebp-4] 00420D4B |. 33C9 xor ecx, ecx 00420D4D |. 33DB xor ebx, ebx 00420D4F |. 8D50 04 lea edx, dword ptr [eax+4] 00420D52 |> 8B02 /mov eax, dword ptr [edx] 00420D54 |. 83E0 0F |and eax, 0F 00420D57 |. 03C8 |add ecx, eax 00420D59 |. 83FB 0F |cmp ebx, 0F 00420D5C |. 74 08 |je short 00420D66 00420D5E |. 8B42 50 |mov eax, dword ptr [edx+50] 00420D61 |. 83E0 0F |and eax, 0F 00420D64 |. 03C8 |add ecx, eax 00420D66 |> 43 |inc ebx 00420D67 |. 83C2 04 |add edx, 4 00420D6A |. 83FB 10 |cmp ebx, 10 00420D6D |.^ 7C E3 \jl short 00420D52 00420D6F |. 8B55 FC mov edx, dword ptr [ebp-4] 00420D72 |. 33DB xor ebx, ebx 00420D74 |. 8B82 90000000 mov eax, dword ptr [edx+90] 00420D7A |. 25 0000FFFF and eax, FFFF0000 00420D7F |. 0BC1 or eax, ecx 00420D81 |. 8B4D FC mov ecx, dword ptr [ebp-4] 00420D84 |. 8BD0 mov edx, eax 00420D86 |. 8991 90000000 mov dword ptr [ecx+90], edx 00420D8C |. 8B45 FC mov eax, dword ptr [ebp-4] 00420D8F |. 3150 44 xor dword ptr [eax+44], edx 00420D92 |. 8B55 FC mov edx, dword ptr [ebp-4] 00420D95 |. 8B45 FC mov eax, dword ptr [ebp-4] 00420D98 |. 8B8A 90000000 mov ecx, dword ptr [edx+90] 00420D9E |. 3148 48 xor dword ptr [eax+48], ecx 00420DA1 |. 33C0 xor eax, eax 00420DA3 |. 3B5D F8 cmp ebx, dword ptr [ebp-8] 00420DA6 |. 0F8D 8F000000 jge 00420E3B 00420DAC |> 8BD3 /mov edx, ebx 00420DAE |. C1E2 04 |shl edx, 4 00420DB1 |. 0355 0C |add edx, dword ptr [ebp+C] 00420DB4 |. 81C2 94000000 |add edx, 94 00420DBA |. 8D0C38 |lea ecx, dword ptr [eax+edi] 00420DBD |. 81E1 FF030080 |and ecx, 800003FF 00420DC3 |. 79 08 |jns short 00420DCD 00420DC5 |. 49 |dec ecx 00420DC6 |. 81C9 00FCFFFF |or ecx, FFFFFC00 00420DCC |. 41 |inc ecx 00420DCD |> 8B0C8D 1C3A55>|mov ecx, dword ptr [ecx*4+553A1C] 00420DD4 |. 40 |inc eax 00420DD5 |. 310A |xor dword ptr [edx], ecx 00420DD7 |. 8D0C38 |lea ecx, dword ptr [eax+edi] 00420DDA |. 81E1 FF030080 |and ecx, 800003FF 00420DE0 |. 79 08 |jns short 00420DEA 00420DE2 |. 49 |dec ecx 00420DE3 |. 81C9 00FCFFFF |or ecx, FFFFFC00 00420DE9 |. 41 |inc ecx 00420DEA |> 8B0C8D 1C3A55>|mov ecx, dword ptr [ecx*4+553A1C] 00420DF1 |. 40 |inc eax 00420DF2 |. 314A 04 |xor dword ptr [edx+4], ecx 00420DF5 |. 8D0C38 |lea ecx, dword ptr [eax+edi] 00420DF8 |. 81E1 FF030080 |and ecx, 800003FF 00420DFE |. 79 08 |jns short 00420E08 00420E00 |. 49 |dec ecx 00420E01 |. 81C9 00FCFFFF |or ecx, FFFFFC00 00420E07 |. 41 |inc ecx 00420E08 |> 8B0C8D 1C3A55>|mov ecx, dword ptr [ecx*4+553A1C] 00420E0F |. 40 |inc eax 00420E10 |. 314A 08 |xor dword ptr [edx+8], ecx 00420E13 |. 8D0C38 |lea ecx, dword ptr [eax+edi] 00420E16 |. 81E1 FF030080 |and ecx, 800003FF 00420E1C |. 79 08 |jns short 00420E26 00420E1E |. 49 |dec ecx 00420E1F |. 81C9 00FCFFFF |or ecx, FFFFFC00 00420E25 |. 41 |inc ecx 00420E26 |> 8B0C8D 1C3A55>|mov ecx, dword ptr [ecx*4+553A1C] 00420E2D |. 314A 0C |xor dword ptr [edx+C], ecx 00420E30 |. 40 |inc eax 00420E31 |. 43 |inc ebx 00420E32 |. 3B5D F8 |cmp ebx, dword ptr [ebp-8] 00420E35 |.^ 0F8C 71FFFFFF \jl 00420DAC 00420E3B |> 5F pop edi 00420E3C |. 5E pop esi 00420E3D |. 5B pop ebx 00420E3E |. 8BE5 mov esp, ebp 00420E40 |. 5D pop ebp 00420E41 \. C3 retn 00420E42 90 nop 00420E43 90 nop 00420E44 $ 55 push ebp 00420E45 . 8BEC mov ebp, esp 00420E47 . 83C4 B8 add esp, -48 00420E4A . 33C0 xor eax, eax 00420E4C . 53 push ebx 00420E4D . 56 push esi 00420E4E . 57 push edi 00420E4F . 8945 FC mov dword ptr [ebp-4], eax 00420E52 . 8B55 0C mov edx, dword ptr [ebp+C] 00420E55 . 8955 F8 mov dword ptr [ebp-8], edx 00420E58 . 33D2 xor edx, edx 00420E5A . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E5D . 8171 44 31323>xor dword ptr [ecx+44], 88313231 00420E64 . 8B45 F8 mov eax, dword ptr [ebp-8] 00420E67 . B9 BC030000 mov ecx, 3BC 00420E6C . 8B40 44 mov eax, dword ptr [eax+44] 00420E6F . F7F1 div ecx 00420E71 . 8955 F4 mov dword ptr [ebp-C], edx 00420E74 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420E77 . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E7A . 8B1485 383A55>mov edx, dword ptr [eax*4+553A38] 00420E81 . 3151 48 xor dword ptr [ecx+48], edx 00420E84 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420E87 . 8B4D F8 mov ecx, dword ptr [ebp-8] 00420E8A . 8B1485 483A55>mov edx, dword ptr [eax*4+553A48] 00420E91 . 3151 4C xor dword ptr [ecx+4C], edx 00420E94 . 33FF xor edi, edi 00420E96 . 8B45 F8 mov eax, dword ptr [ebp-8] 00420E99 . 8B50 48 mov edx, dword ptr [eax+48] 00420E9C . 8955 F0 mov dword ptr [ebp-10], edx 00420E9F . 33C0 xor eax, eax 00420EA1 . 8945 EC mov dword ptr [ebp-14], eax 00420EA4 . 8B55 EC mov edx, dword ptr [ebp-14] 00420EA7 . 3B55 F0 cmp edx, dword ptr [ebp-10] 00420EAA . 0F8D 23020000 jge 004210D3 00420EB0 > 8B5D EC mov ebx, dword ptr [ebp-14] 00420EB3 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420EB6 . C1E3 02 shl ebx, 2 00420EB9 . 03C7 add eax, edi 00420EBB . 8D1C5B lea ebx, dword ptr [ebx+ebx*2] 00420EBE . 035D 0C add ebx, dword ptr [ebp+C] 00420EC1 . 81C3 90000000 add ebx, 90 00420EC7 . 25 FF030080 and eax, 800003FF 00420ECC . 79 07 jns short 00420ED5 00420ECE . 48 dec eax 00420ECF . 0D 00FCFFFF or eax, FFFFFC00 00420ED4 . 40 inc eax 00420ED5 > 8B1485 1C3A55>mov edx, dword ptr [eax*4+553A1C] 00420EDC . 3113 xor dword ptr [ebx], edx 00420EDE . 8B0B mov ecx, dword ptr [ebx] 00420EE0 . 51 push ecx ; /Arg2 00420EE1 . 8B45 08 mov eax, dword ptr [ebp+8] ; | 00420EE4 . 50 push eax ; |Arg1 00420EE5 . E8 7EF8FFFF call 00420768 ; \cck.00420768 00420EEA . 83C4 08 add esp, 8 00420EED . 8BF0 mov esi, eax 00420EEF . 47 inc edi 00420EF0 . 8B45 F4 mov eax, dword ptr [ebp-C] 00420EF3 . 03C7 add eax, edi 00420EF5 . 25 FF030080 and eax, 800003FF 00420EFA . 79 07 jns short 00420F03 00420EFC . 48 dec eax 00420EFD . 0D 00FCFFFF or eax, FFFFFC00 00420F02 . 40 inc eax 00420F03 > 8B1485 1C3A55>mov edx, dword ptr [eax*4+553A1C] 00420F0A . 3153 04 xor dword ptr [ebx+4], edx 00420F0D . 47 inc edi 00420F0E . 8B4D F4 mov ecx, dword ptr [ebp-C] 00420F11 . 03CF add ecx, edi 00420F13 . 81E1 FF030080 and ecx, 800003FF 00420F19 . 79 08 jns short 00420F23 00420F1B . 49 dec ecx 00420F1C . 81C9 00FCFFFF or ecx, FFFFFC00 00420F22 . 41 inc ecx 00420F23 > 8B048D 1C3A55>mov eax, dword ptr [ecx*4+553A1C] 00420F2A . 3143 08 xor dword ptr [ebx+8], eax 00420F2D . 85F6 test esi, esi 00420F2F . 8B55 08 mov edx, dword ptr [ebp+8] 00420F32 . 8B4B 08 mov ecx, dword ptr [ebx+8] 00420F35 . 898A 30010200 mov dword ptr [edx+20130], ecx 00420F3B . 74 06 je short 00420F43 00420F3D . 8B43 08 mov eax, dword ptr [ebx+8] 00420F40 . 8946 10 mov dword ptr [esi+10], eax 00420F43 > 47 inc edi 00420F44 . 8B43 04 mov eax, dword ptr [ebx+4] 00420F47 . 3D FF000000 cmp eax, 0FF 00420F4C . 76 18 jbe short 00420F66 00420F4E . 25 00FF0000 and eax, 0FF00 00420F53 . C1E8 08 shr eax, 8 00420F56 . 85F6 test esi, esi 00420F58 . 74 43 je short 00420F9D 00420F5A . 66:8946 0C mov word ptr [esi+C], ax 00420F5E . 66:C746 0E 02>mov word ptr [esi+E], 2 00420F64 . EB 37 jmp short 00420F9D 00420F66 > 8B53 04 mov edx, dword ptr [ebx+4] 00420F69 . 4A dec edx ; Switch (cases 1..4) 00420F6A . 74 0B je short 00420F77 00420F6C . 4A dec edx 00420F6D . 74 10 je short 00420F7F 00420F6F . 4A dec edx 00420F70 . 74 15 je short 00420F87 00420F72 . 4A dec edx 00420F73 . 74 1A je short 00420F8F 00420F75 . EB 20 jmp short 00420F97 00420F77 > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Case 1 of switch 00420F69 00420F7D . EB 1E jmp short 00420F9D 00420F7F > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Case 2 of switch 00420F69 00420F85 . EB 16 jmp short 00420F9D 00420F87 > 66:C746 0E 04>mov word ptr [esi+E], 4 ; Case 3 of switch 00420F69 00420F8D . EB 0E jmp short 00420F9D 00420F8F > 66:C746 0E 05>mov word ptr [esi+E], 5 ; Case 4 of switch 00420F69 00420F95 . EB 06 jmp short 00420F9D 00420F97 > 66:C746 0E 03>mov word ptr [esi+E], 3 ; Default case of switch 00420F69 00420F9D > 85F6 test esi, esi 00420F9F . 0F84 E7000000 je 0042108C 00420FA5 . 0FB74E 0E movzx ecx, word ptr [esi+E] 00420FA9 . 83F9 05 cmp ecx, 5 ; Switch (cases 2..5) 00420FAC . 0F87 DA000000 ja 0042108C 00420FB2 . FF248D B90F42>jmp dword ptr [ecx*4+420FB9] 00420FB9 . 8C104200 dd cck.0042108C ; 分支表 被用于 00420FB2 00420FBD . 8C104200 dd cck.0042108C 00420FC1 . D60F4200 dd cck.00420FD6 00420FC5 . 20104200 dd cck.00421020 00420FC9 . 45104200 dd cck.00421045 00420FCD . 6A104200 dd cck.0042106A 00420FD1 . E9 B6000000 jmp 0042108C 00420FD6 > 8B06 mov eax, dword ptr [esi] ; Case 2 of switch 00420FA9 00420FD8 . 8D55 B8 lea edx, dword ptr [ebp-48] 00420FDB . 50 push eax ; /Arg3 00420FDC . 68 FA4F5500 push 00554FFA ; |%d 00420FE1 . 52 push edx ; |Arg1 00420FE2 . E8 7DF80F00 call 00520864 ; \cck.00520864 00420FE7 . 83C4 0C add esp, 0C 00420FEA . 0FBE4D B8 movsx ecx, byte ptr [ebp-48] 00420FEE . 83F9 32 cmp ecx, 32 00420FF1 . 75 06 jnz short 00420FF9 00420FF3 . 8345 FC 32 add dword ptr [ebp-4], 32 00420FF7 . EB 03 jmp short 00420FFC 00420FF9 > FF45 FC inc dword ptr [ebp-4] 00420FFC > 8B46 08 mov eax, dword ptr [esi+8] 00420FFF . 50 push eax ; /Arg7 00421000 . A1 00145500 mov eax, dword ptr [551400] ; | 00421005 . 8B56 04 mov edx, dword ptr [esi+4] ; | 00421008 . 52 push edx ; |Arg6 00421009 . 8B0E mov ecx, dword ptr [esi] ; | 0042100B . 51 push ecx ; |Arg5 0042100C . 68 FD4F5500 push 00554FFD ; |cdkey[%d-%d-%d]验证成功 00421011 . 6A 01 push 1 ; |Arg3 = 00000001 00421013 . 6A 00 push 0 ; |Arg2 = 00000000 00421015 . 50 push eax ; |Arg1 => 00000000 00421016 . E8 6DAFFFFF call 0041BF88 ; \cck.0041BF88 0042101B . 83C4 1C add esp, 1C 0042101E . EB 6C jmp short 0042108C 00421020 > 8B56 08 mov edx, dword ptr [esi+8] ; Case 3 of switch 00420FA9 00421023 . 52 push edx ; /Arg7 00421024 . 8B15 00145500 mov edx, dword ptr [551400] ; | 0042102A . 8B4E 04 mov ecx, dword ptr [esi+4] ; | 0042102D . 51 push ecx ; |Arg6 0042102E . 8B06 mov eax, dword ptr [esi] ; | 00421030 . 50 push eax ; |Arg5 00421031 . 68 16505500 push 00555016 ; |cdkey[%d-%d-%d]错误,请核对 00421036 . 6A 03 push 3 ; |Arg3 = 00000003 00421038 . 6A 00 push 0 ; |Arg2 = 00000000 0042103A . 52 push edx ; |Arg1 => 00000000 0042103B . E8 48AFFFFF call 0041BF88 ; \cck.0041BF88 00421040 . 83C4 1C add esp, 1C 00421043 . EB 47 jmp short 0042108C 00421045 > 8B4E 08 mov ecx, dword ptr [esi+8] ; Case 4 of switch 00420FA9 00421048 . 51 push ecx ; /Arg7 00421049 . 8B0D 00145500 mov ecx, dword ptr [551400] ; | 0042104F . 8B46 04 mov eax, dword ptr [esi+4] ; | 00421052 . 50 push eax ; |Arg6 00421053 . 8B16 mov edx, dword ptr [esi] ; | 00421055 . 52 push edx ; |Arg5 00421056 . 68 32505500 push 00555032 ; |cdkey[%d-%d-%d]在其他机器登陆,请勿在15分钟内重复登陆 0042105B . 6A 03 push 3 ; |Arg3 = 00000003 0042105D . 6A 00 push 0 ; |Arg2 = 00000000 0042105F . 51 push ecx ; |Arg1 => 00000000 00421060 . E8 23AFFFFF call 0041BF88 ; \cck.0041BF88 00421065 . 83C4 1C add esp, 1C 00421068 . EB 22 jmp short 0042108C 0042106A > 8B46 08 mov eax, dword ptr [esi+8] ; Case 5 of switch 00420FA9 0042106D . 50 push eax ; /Arg7 0042106E . A1 00145500 mov eax, dword ptr [551400] ; | 00421073 . 8B56 04 mov edx, dword ptr [esi+4] ; | 00421076 . 52 push edx ; |Arg6 00421077 . 8B0E mov ecx, dword ptr [esi] ; | 00421079 . 51 push ecx ; |Arg5 0042107A . 68 68505500 push 00555068 ; |cdkey[%d-%d-%d]已经过期 0042107F . 6A 03 push 3 ; |Arg3 = 00000003 00421081 . 6A 00 push 0 ; |Arg2 = 00000000 00421083 . 50 push eax ; |Arg1 => 00000000 00421084 . E8 FFAEFFFF call 0041BF88 ; \cck.0041BF88 00421089 . 83C4 1C add esp, 1C 0042108C > 8B55 F8 mov edx, dword ptr [ebp-8] ; Default case of switch 00420FA9 0042108F . 8B42 4C mov eax, dword ptr [edx+4C] 00421092 . 8B55 08 mov edx, dword ptr [ebp+8] 00421095 . 3B82 2C010200 cmp eax, dword ptr [edx+2012C] 0042109B . 72 0B jb short 004210A8 0042109D . 8B4D 08 mov ecx, dword ptr [ebp+8] 004210A0 . 8981 2C010200 mov dword ptr [ecx+2012C], eax 004210A6 . EB 1C jmp short 004210C4 004210A8 > 68 81505500 push 00555081 ; /cycle数据非法 004210AD . 6A 02 push 2 ; |Arg3 = 00000002 004210AF . 6A 00 push 0 ; |Arg2 = 00000000 004210B1 . A1 00145500 mov eax, dword ptr [551400] ; | 004210B6 . 50 push eax ; |Arg1 => 00000000 004210B7 . E8 CCAEFFFF call 0041BF88 ; \cck.0041BF88 004210BC . 83C4 10 add esp, 10 004210BF . 33D2 xor edx, edx 004210C1 . 8955 FC mov dword ptr [ebp-4], edx 004210C4 > FF45 EC inc dword ptr [ebp-14] 004210C7 . 8B4D EC mov ecx, dword ptr [ebp-14] 004210CA . 3B4D F0 cmp ecx, dword ptr [ebp-10] 004210CD .^ 0F8C DDFDFFFF jl 00420EB0 004210D3 > 837D FC 32 cmp dword ptr [ebp-4], 32 004210D7 . 7E 07 jle short 004210E0 004210D9 . C745 FC 32000>mov dword ptr [ebp-4], 32 004210E0 > 8B45 08 mov eax, dword ptr [ebp+8] 004210E3 . 8B90 44010200 mov edx, dword ptr [eax+20144] 004210E9 . 3B55 FC cmp edx, dword ptr [ebp-4] 004210EC . 7E 18 jle short 00421106 004210EE . 68 8F505500 push 0055508F ; /可用挂机数减少,请检查cdkey数量及正确性, 004210F3 . 6A 03 push 3 ; |Arg3 = 00000003 004210F5 . 6A 00 push 0 ; |Arg2 = 00000000 004210F7 . 8B0D 00145500 mov ecx, dword ptr [551400] ; | 004210FD . 51 push ecx ; |Arg1 => 00000000 004210FE . E8 85AEFFFF call 0041BF88 ; \cck.0041BF88 00421103 . 83C4 10 add esp, 10 00421106 > 8B45 08 mov eax, dword ptr [ebp+8] 00421109 . 8B55 FC mov edx, dword ptr [ebp-4] 0042110C . 8990 44010200 mov dword ptr [eax+20144], edx 00421112 . 33C0 xor eax, eax 00421114 . 8B55 F8 mov edx, dword ptr [ebp-8] 00421117 . 83C2 04 add edx, 4 0042111A > 8B1A mov ebx, dword ptr [edx] 0042111C . 8B4D F4 mov ecx, dword ptr [ebp-C] 0042111F . 03C8 add ecx, eax 00421121 . 3B1C8D 1C3A55>cmp ebx, dword ptr [ecx*4+553A1C] 00421128 . 76 05 jbe short 0042112F 0042112A . 83C8 FF or eax, FFFFFFFF 0042112D . EB 5F jmp short 0042118E 0042112F > 83F8 0F cmp eax, 0F 00421132 . 74 11 je short 00421145 00421134 . 8B5A 4C mov ebx, dword ptr [edx+4C] 00421137 . 3B1C8D 5C3A55>cmp ebx, dword ptr [ecx*4+553A5C] 0042113E . 73 05 jnb short 00421145 00421140 . 83C8 FF or eax, FFFFFFFF 00421143 . EB 49 jmp short 0042118E 00421145 > 40 inc eax 00421146 . 83C2 04 add edx, 4 00421149 . 83F8 10 cmp eax, 10 0042114C .^ 7C CC jl short 0042111A 0042114E . 33DB xor ebx, ebx 00421150 . 33C9 xor ecx, ecx 00421152 . 8B45 F8 mov eax, dword ptr [ebp-8] 00421155 . 8D50 04 lea edx, dword ptr [eax+4] 00421158 > 8B02 mov eax, dword ptr [edx] 0042115A . 83E0 0F and eax, 0F 0042115D . 03D8 add ebx, eax 0042115F . 83F9 0F cmp ecx, 0F 00421162 . 74 08 je short 0042116C 00421164 . 8B42 4C mov eax, dword ptr [edx+4C] 00421167 . 83E0 0F and eax, 0F 0042116A . 03D8 add ebx, eax 0042116C > 41 inc ecx 0042116D . 83C2 04 add edx, 4 00421170 . 83F9 10 cmp ecx, 10 00421173 .^ 7C E3 jl short 00421158 00421175 . 8B55 F8 mov edx, dword ptr [ebp-8] 00421178 . 8B82 8C000000 mov eax, dword ptr [edx+8C] 0042117E . 25 FFFF0000 and eax, 0FFFF 00421183 . 3BC3 cmp eax, ebx 00421185 . 74 05 je short 0042118C 00421187 . 83C8 FF or eax, FFFFFFFF 0042118A . EB 02 jmp short 0042118E 0042118C > 33C0 xor eax, eax 0042118E > 5F pop edi 0042118F . 5E pop esi 00421190 . 5B pop ebx 00421191 . 8BE5 mov esp, ebp 00421193 . 5D pop ebp 00421194 . C3 retn 00421195 90 nop 00421196 90 nop |
|
|
[原创][网络验证破解]某外挂验证转本地化
Borland C++ 1999.编的软件如和调试,有这方面的文章吗 |
|
|
[注意]熊猫烧香作者:不是五年,是无期徒刑...
杀毒软件生产商回家种白薯吧,去学学进化论 |
|
|
[讨论]请看一下如和破
顶一下,求教 |
|
|
[讨论]请看一下如和破
能不能告我如和改,好吗 |
|
|
[求助]这几句什么意思
那里有这方面的学习资料 |
|
|
脱壳高手给点关于Themida加壳软件OEP恢复方面的资料
破解Themida的软件最内存补订,举个例子.能不能 |
|
|
|
操作理由
RANk
{{ user_info.golds == '' ? 0 : user_info.golds }}
雪币
{{ experience }}
课程经验
{{ score }}
学习收益
{{study_duration_fmt}}
学习时长
基本信息
荣誉称号:
{{ honorary_title }}
勋章
兑换勋章
证书
证书查询 >
能力值
